Analysis
-
max time kernel
136s -
max time network
126s -
platform
windows10-2004_x64 -
resource
win10v2004-20240611-en -
resource tags
arch:x64, arch:x86, image:win10v2004-20240611-en, locale:en-us, os:windows10-2004-x64, system -
submitted
01-07-2024 01:42
Behavioral task
behavioral1
Sample
b3b6418bd2db6b77bffcc3986d1657f702a5f3252152243d3339ef3ee90b2139.dll
Resource
win7-20240611-en
5 signatures
150 seconds
Behavioral task
behavioral2
Sample
b3b6418bd2db6b77bffcc3986d1657f702a5f3252152243d3339ef3ee90b2139.dll
Resource
win10v2004-20240611-en
1 signatures
150 seconds
General
-
Target
b3b6418bd2db6b77bffcc3986d1657f702a5f3252152243d3339ef3ee90b2139.dll
-
Size
684KB
-
MD5
6178f5cf28a1b4e77a7886ed0ae2e105
-
SHA1
66a7ace54526425f5b6e08d60dd4cd2a3c82bc15
-
SHA256
b3b6418bd2db6b77bffcc3986d1657f702a5f3252152243d3339ef3ee90b2139
-
SHA512
533b118d5eb3749cc22bcabcf66095eaddeb7192755ea1d42b3cdfb62596e206acaa5768b8caa21c54083c64b8366b9c5147f3dd260c9ed23a0869539233440f
-
SSDEEP
12288:fj4nQ9X7RZn4WXd+GXZVb7Zjbc8MKi1bvwuH:f8krRZn4Wt+GXZVb7Zjbc8MKavx
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes: rundll32.exe
description | pid | process | target process
PID 4724 wrote to memory of 1568 | 4724 | rundll32.exe | rundll32.exe
PID 4724 wrote to memory of 1568 | 4724 | rundll32.exe | rundll32.exe
PID 4724 wrote to memory of 1568 | 4724 | rundll32.exe | rundll32.exe
Processes
-
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\b3b6418bd2db6b77bffcc3986d1657f702a5f3252152243d3339ef3ee90b2139.dll,#11
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\b3b6418bd2db6b77bffcc3986d1657f702a5f3252152243d3339ef3ee90b2139.dll,#12